"William L. Maltby" <CentOS4Bill@xxxxxxxxxxxx> wrote in message news:1200354890.5507.35.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > On Mon, 2008-01-14 at 17:53 -0500, Eric B. wrote: >> > Eric B. wrote: >> >>>><snip> >> >> Thanks for the feedback Rick. I didn't realize that security >> >> implication. >> >> However I'm already running this on a machine that is heavily >> >> firewalled >> >> on >> >> a VPN so I am fairly sure that no one will be accessing this >> >> externally, >> >> but >> >> I still would like to restrict access to particular machines. >> >> Ideally, >> >> would rather use FQDN to make life easier for me to administer. I >> >> have >> >> created my additional reverse-dns pointer but I am still having >> >> problems >> >> with it. >> >> >> >> nslookup from the server gives me: >> >> # nslookup 192.168.3.103 >> >> Server: 192.168.1.67 >> >> Address: 192.168.1.67#53 >> >> >> >> 103.3.168.192.in-addr.arpa name = >> >> eric.test.com.3.168.192.in-addr.arpa. >> >> >> > >> > It looks like there is a missing trailing dot in your DNS zone >> > configuration. I doubt you are authoritative for the in-addr.arpa zone. >> > >> > in your zone file, you should have something like >> > 103 IN PTR eric.test.example. >> > (notice the last dot). Otherwise, the zone name (@ORIGIN) will be >> > added. >> > >> > >> > make sure you have a matching reverse _and_ forward resolution. you >> > should get something like: >> > >> > 192.168.3.103 => eric.test.example >> > _and_ >> > eric.test.example => 192.168.3.103 >> > >> > If you only have the reverse lookup, the result is untrusted and sane >> > applications should ignore it. >> >> >> Thanks for the pointer. Indeed, I was missing the trailing . after my >> FQDN >> in my revers file. I have updated my reverse files, and nslookup is >> resolving better, but still not further ahead. >> >> My reverse file: 3.168.192.in-addr.arpa now contains the following line: >> 103 IN PTR eric.test.com. 
>> >> >> If I try nslookups now, my results are as follows: >> >> # nslookup 192.168.3.103 >> Server: 192.168.1.67 >> Address: 192.168.1.67#53 >> >> 103.103.168.192.in-addr.arpa name = eric.test.com. >> >> # nslookup eric.test.com >> Server: 192.168.1.67 >> Address: 192.168.1.67#53 >> >> Name: eric.test.com >> Address: 192.168.3.103 >> >> >> So from that, it seems as though the DNS / rDNS are properly configured, >> does it not? Similarly, I have both the forward and reverse domain name >> on >> the DNS server as the nslookups show. However, I still get the same >> error >> msg: >> Jan 14 17:46:50 apollo atftpd[15905]: Connection refused from >> 192.168.103.103 > AAA > Correct? -----||| Whoops - cut & paste typo. That line is supposed to read: Jan 14 17:46:50 apollo atftpd[15905]: Connection refused from 192.168.3.103 _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
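The two points from the quoted advice (a PTR target without a trailing dot gets the zone name appended, and a reverse lookup should only be trusted when the forward lookup confirms it) can be checked offline. This is an added example, not part of the thread and not atftpd's code; the function names are hypothetical and the record tables are constructed from the values shown in the messages above.

```python
import ipaddress

def expand_name(name, origin):
    """Zone-file rule: a name without a trailing dot is relative to the zone origin."""
    name = name.strip()
    if name == "@":
        return origin.lower()
    if name.endswith("."):
        return name.lower()          # already fully qualified
    return f"{name}.{origin}".lower()

def parse_ptr_zone(zone_text, origin):
    """Return {owner_fqdn: target_fqdn} for simple 'owner IN PTR target' lines."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) == 4 and fields[1].upper() == "IN" and fields[2].upper() == "PTR":
            records[expand_name(fields[0], origin)] = expand_name(fields[3], origin)
    return records

def fcrdns(ip, ptr_records, a_records):
    """Forward-confirmed reverse DNS: the PTR name must resolve back to the same IP."""
    owner = ipaddress.ip_address(ip).reverse_pointer + "."
    name = ptr_records.get(owner)
    if name is None:
        return None, "no PTR record"
    if ip not in a_records.get(name, ()):
        return name, "forward lookup does not confirm"
    return name, "confirmed"

# Constructed sample data based on the values quoted in the thread.
ORIGIN = "3.168.192.in-addr.arpa."
A_RECORDS = {"eric.test.com.": ["192.168.3.103"]}
BROKEN = "103 IN PTR eric.test.com    ; no trailing dot"
FIXED = "103 IN PTR eric.test.com.   ; fully qualified"

def demo():
    """Run the check against the broken and the fixed reverse zone line."""
    return {label: fcrdns("192.168.3.103", parse_ptr_zone(zone, ORIGIN), A_RECORDS)
            for label, zone in (("broken", BROKEN), ("fixed", FIXED))}

if __name__ == "__main__":
    for label, result in demo().items():
        print(label, result)
```
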